Direct proof of security of Wegman-Carter authentication with partially known key
From MaRDI portal
Abstract: Information-theoretically secure (ITS) authentication is needed in Quantum Key Distribution (QKD). In this paper, we study the security of an ITS authentication scheme proposed by Wegman & Carter, in the case of a partially known authentication key. This scheme uses a new authentication key in each authentication attempt to select a hash function from an Almost Strongly Universal hash function family. The partial knowledge of the attacker is measured as the trace distance between the authentication key distribution and the uniform distribution; this is the usual measure in QKD. We provide direct proofs of security of the scheme when using a partially known key, first in the information-theoretic setting and then in terms of witness indistinguishability as used in the Universal Composability (UC) framework. We find that if the authentication procedure has a failure probability and the authentication key has a trace distance to the uniform, then under ITS, the adversary's success probability conditioned on an authentic message-tag pair is only bounded by , where is the size of the set of tags. Furthermore, the trace distance between the authentication key distribution and the uniform increases to after having seen an authentic message-tag pair. Despite this, we are able to prove directly that the authenticated channel is indistinguishable from an (ideal) authentic channel (the desired functionality), except with probability less than . This proves that the scheme is ()-UC-secure, without using the composability theorem.
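Worked example, added to this page and not code from the paper, its authors or the MaRDI portal: a Wegman-Carter one-time authenticator whose fresh key selects a hash function from an almost strongly universal (ASU) family, together with the trace distance to uniform as the measure of partial key knowledge. Everything concrete here is an assumption made for illustration: the hash family (polynomial evaluation over GF(p) with a one-time pad), the tiny field size p = 7, two-block messages, the leaked key value k0 = (3, 5) and the leak probability delta = 1/10. Exact rational arithmetic and exhaustive enumeration check the ASU bound, and an optimal substitution attack is computed against a uniform key and against a partially known one, after the adversary has seen one authentic message-tag pair.

```python
"""Wegman-Carter one-time authentication with a polynomial almost strongly
universal (ASU) hash family over GF(p), and the trace (statistical) distance
that measures how far a partially known authentication key is from uniform.
Added example, not from the paper; field size, message length, leaked key
value and leak probability are constructed for illustration."""

from fractions import Fraction
from itertools import product


def wc_tag(key, message, p):
    """Tag for one L-block message: b + sum_{i=1..L} m_i * a^i (mod p).
    key = (a, b) in GF(p)^2, message = tuple of L blocks in GF(p).  Over a
    uniform key the family is (L/p)-ASU with tag set T = GF(p): every tag is
    uniform, and two distinct messages take a chosen tag pair with
    probability at most (L/p)/|T|.  The key must be fresh for every message."""
    a, b = key
    acc = 0
    for block in reversed(message):          # Horner form, highest power first
        acc = (acc + block) * a % p
    return (acc + b) % p


def max_pair_probability(p, L):
    """Exhaustive ASU check over all L-block messages: max over m != m' and
    tags (t, t') of Pr_(a,b)[h(m)=t and h(m')=t'].  Equals L/p^2 here."""
    keys = list(product(range(p), repeat=2))
    messages = list(product(range(p), repeat=L))
    worst = Fraction(0)
    for i, m in enumerate(messages):
        for m2 in messages[i + 1:]:
            counts = {}
            for k in keys:
                pair = (wc_tag(k, m, p), wc_tag(k, m2, p))
                counts[pair] = counts.get(pair, 0) + 1
            worst = max(worst, Fraction(max(counts.values()), len(keys)))
    return worst


def trace_distance_from_uniform(dist, key_space):
    """1/2 * sum_k |P(k) - 1/N| for P given as {key: probability} (absent keys
    have probability 0) against the uniform distribution on key_space.  For
    classical distributions this is the trace distance used in QKD."""
    n = len(key_space)
    return sum(abs(dist.get(k, Fraction(0)) - Fraction(1, n)) for k in key_space) / 2


def leaky_key_distribution(key_space, k0, delta):
    """Constructed partial knowledge: with probability delta the key is the
    value k0 the adversary learned, otherwise uniform (distance delta*(N-1)/N)."""
    n = len(key_space)
    dist = {k: (1 - delta) / n for k in key_space}
    dist[k0] += delta
    return dist


def posterior_given_pair(dist, key_space, p, m, t):
    """Adversary's key distribution after seeing the authentic pair (m, t):
    keys that do not produce t are ruled out, the rest are renormalised."""
    post = {k: dist.get(k, Fraction(0)) for k in key_space if wc_tag(k, m, p) == t}
    norm = sum(post.values())
    return {k: pr / norm for k, pr in post.items()}


def best_forgery_probability(dist, key_space, p, L, m, t):
    """Optimal substitution attack: the success probability of a forged
    (m', t') is the posterior mass of keys with h(m') = t'; maximise over all
    m' != m and all t'.  With a uniform key this is exactly L/p."""
    post = posterior_given_pair(dist, key_space, p, m, t)
    best = Fraction(0)
    for m2 in product(range(p), repeat=L):
        if m2 == tuple(m):
            continue
        mass = {}
        for k, pr in post.items():
            t2 = wc_tag(k, m2, p)
            mass[t2] = mass.get(t2, Fraction(0)) + pr
        best = max(best, max(mass.values()))
    return best


def worked_example(p=7, L=2, k0=(3, 5), delta=Fraction(1, 10), m=(4, 1)):
    """Constructed scenario: the parties use key k0 to tag message m, and the
    adversary's prior puts extra weight delta on k0 (a leak)."""
    keys = list(product(range(p), repeat=2))
    uniform = {k: Fraction(1, len(keys)) for k in keys}
    leaky = leaky_key_distribution(keys, k0, delta)
    t = wc_tag(k0, m, p)                     # the authentic pair the adversary sees
    post = posterior_given_pair(leaky, keys, p, m, t)
    return {
        "asu_worst_pair": max_pair_probability(p, L),
        "key_trace_distance": trace_distance_from_uniform(leaky, keys),
        "forgery_uniform_key": best_forgery_probability(uniform, keys, p, L, m, t),
        "forgery_leaky_key": best_forgery_probability(leaky, keys, p, L, m, t),
        "posterior_trace_distance": trace_distance_from_uniform(post, list(post)),
    }


if __name__ == "__main__":
    for name, value in worked_example().items():
        print(f"{name:26s} {value}  ({float(value):.4f})")
```

Running the block prints exact fractions for the constructed scenario: the worst pair probability 2/49 (the family's L/p^2 with L = 2, p = 7), a trace distance of 24/245 for the leaky key, a forgery success of 2/7 with a uniform key that rises to 67/112 once the adversary's leaked value is consistent with the observed pair, and a trace distance of 3/8 for the posterior over the keys still possible after that pair, which illustrates the abstract's point that the distance to uniform grows after an authentic message-tag pair has been seen. Reusing (a, b) for a second message would let the adversary solve for a from the tag difference, which is why the scheme draws a fresh key for every authentication.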
Recommendations
- Stronger Security Bounds for Wegman-Carter-Shoup Authenticators
- Advances in Cryptology - CRYPTO 2003
- Authenticated key exchange provably secure against the man-in-the-middle attack
- A Provable-Security Treatment of the Key-Wrap Problem
- scientific article; zbMATH DE number 5009198
- Provable security for public key schemes
- Publication:4940695
- scientific article; zbMATH DE number 883898
- On the security proof of an authentication protocol from Eurocrypt 2011
- Provably secure certificateless one-way and two-party authenticated key agreement protocol
Cites work
- scientific article; zbMATH DE number 1676651
- scientific article; zbMATH DE number 176541
- scientific article; zbMATH DE number 1024067
- scientific article; zbMATH DE number 1161253
- scientific article; zbMATH DE number 1874366
- scientific article; zbMATH DE number 1394290
- scientific article; zbMATH DE number 1406775
- Attacks on quantum key distribution protocols that employ non-ITS authentication
- Combinatorial techniques for universal hashing
- Key Recycling in Authentication
- New Universal Hash Functions
- New hash functions and their use in authentication and set equality
- Quantum cryptography based on Bell’s theorem
- Quantum cryptography: public key distribution and coin tossing
- Security Aspects of the Authentication Used in Quantum Cryptography
- Universal classes of hash functions
- Universal hashing and multiple authentication
- Vulnerability of "a novel protocol-authentication algorithm ruling out a man-in-the-middle attack in quantum cryptography"
Cited in (4)
- Attacks on quantum key distribution protocols that employ non-ITS authentication
- Quantum key distribution with PRF(Hash, Nonce) achieves everlasting security
- New security notions and feasibility results for authentication of quantum data
- An optimized quantum information splitting scheme with multiple controllers
MaRDI item Q479440